package com.cxhd.lis.shiro;

import com.cxhd.lis.DataCache;
import com.cxhd.lis.model.LisSystemLog;
import com.cxhd.lis.service.LogService;
import java.util.List;

import com.jfinal.aop.Interceptor;
import com.jfinal.aop.Invocation;
import com.jfinal.log.Log;
import java.util.ArrayList;

/**
 * *
 * 让 shiro 基于 url 拦截
 *
 * 主要 数据库中也用url 保存权限
 *
 * @author 12
 *
 */
public class ShiroInterceptor implements Interceptor {
 private static final Log logs = Log.getLog(ShiroInterceptor.class);
    private LogService log = new LogService();
    private DataCache dataCache = DataCache.getIntance();
    private List<String> listUrl = new ArrayList<String>();

    /**
     * 获取全部 需要控制的权限制的权限
     */
    private static List<String> urls;

    public void intercept(Invocation ai) {
        
        String method = ai.getController().getRequest().getMethod();
        System.out.println(ai.getController().getRequest().getHeader("x-requested-with"));
        //if (urls == null) urls = ResService.me().getUrls();
        boolean flag = true;
        String url = ai.getActionKey();
        System.out.println(url);
        setNoCheckUrl();
        String user_pk = ai.getController().getSessionAttr("user_pk");
        String role_id = ai.getController().getSessionAttr("role_id");
        // System.out.println(user_pk + "---------" + (user_pk == null) + "  " + url + "  " + listUrl.contains(url) + " " + listUrl.toString());
        try {

            //check not check url
            if (!listUrl.contains(url)) {

                //check Session
                if (user_pk == null) {
                    flag = false;

                    if (method.equalsIgnoreCase("GET")) {
                        ai.getController().redirect("/");
                    } else {
                        ai.getController().renderText("login_tiemout");
                        //ai.getController().redirect("/");
                    }
                    ai.invoke();
                    return;
                } //判断url是否在权限控制之中
                else if (checkAllAuth(url)) {
                    System.out.println("验证权限+ " + url);
                    //判断是否拥有访问的权限
                    if (!dataCache.getUserAuth(user_pk, role_id).contains(url)) {
                        flag = false;
                        System.out.println("没有权限");
                        if (method.equalsIgnoreCase("GET")) {
                            ai.getController().redirect("/error");
                        } else {
                            ai.getController().renderText("no_auth");
                        }

                    }
                }

            }
            if (flag) {
                if (url.contains("delete")) {
                    log.insert(ai.getController(), LisSystemLog.EVENT_DELETE);
                } else if (url.contains("save")) {
                    log.insert(ai.getController(), LisSystemLog.EVENT_ADD);
                }
                //if (urls.contains(url) && !ext.hasPermission(url)) ai.getController().renderError(403);
                ai.invoke();
            }
        } catch (Exception e) {
            e.printStackTrace();
            logs.error("Exception", e);
            //ai.getController().renderError(403);
        }

    }

    public boolean checkAllAuth(String url) {
        // System.out.println(dataCache.getAllAuth() + "   " + url);
        return dataCache.getAllAuth().contains(url);

    }
//    public boolean checkUrl(String url){
//    
//    }

    public void setNoCheckUrl() {
        if (listUrl.isEmpty()) {
            listUrl.add("/");
            listUrl.add("/login");
            listUrl.add("/lis/data");
            listUrl.add("/lis/data/recDeviceData");
            listUrl.add("/otherInfo/recviceLisInfo");
            listUrl.add("/otherInfo/recviceData");
            listUrl.add("/otherInfo/updateCenterStatus");
        }

    }

}
